Read client's info. behind Nginx proxy server - asp.net

I'm using Nginx as a proxy server in front of an asp.net core application. In my application, I want to read the client request header, specifically the IP and the User-Agent, but I'm getting the Nginx Info instead. I'm using this configuration:
server {
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
listen 80;
location / {
proxy_pass http://172.18.2.3:5000;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header User-Agent $http_user_agent;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
The application gets the IP Address using this line:
var remoteIpAddress = context.Connection.RemoteIpAddress;
Any idea what could be the problem?
Thanks in Advance.

Related

Nginx directs request to www.example.com but not to internal web application

I've installed several web applications on different ports on the same server. From that server when I send an http request using wget or curl the request goes through and I get the response. I've set up nginx server to not have to specify the port each time. Here's the related nginx config:
server {
listen 10.0.223.34:80;
server_name app1.domain.com;
access_log /var/log/nginx/app1.domain.com.access.log;
error_log /var/log/nginx/app1.domain.com.error.log;
location / {
proxy_pass http://10.0.223.34:8080;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
If I try app1.domain.com from outside I get 502 Bad gateway error. But if I change the proxy_pass to http:\\www.example.com, then nginx takes me to the example.com website.
Inside the nginx.conf file I've specified user nginx;. I've tried changing it to root but it didn't help either. Do you have any idea what else I need to check?
Try this:
upstream app1 {
server localhost:8080;
}
server {
listen 10.0.223.34:
server_name app1.domain.com;
access_log /var/log/nginx/app1.domain.com.access.log;
error_log /var/log/nginx/app1.domain.com.error.log;
location / {
proxy_pass http://app1;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}

nginx reverse proxy to multiple backend servers depending on URL

I have 1 frontend Nginx server and 2 backend nginx servers.
Frontend server does proxy pass to the backend server. Previously there was only 1 backend server so all my queries were going to the single backend server, but as the traffic increased, I have added 1 more backend server just for search queries.
But I can not make only search queries to go to the 2nd backend server.
my current configuration is like this.
server {
listen 80;
server_name example.com;
location /search/ {
proxy_pass https://search.example.com/;
proxy_set_header Host search.example.com;
#set custom headers for upstream server
proxy_set_header Accept-Encoding "";
proxy_set_header CF-Connecting-IP "";
proxy_ssl_verify off;
proxy_ssl_server_name on;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location / {
proxy_pass https://box1.example.com/;
proxy_set_header Host box1.example.com;
#set custom headers for upstream server
proxy_set_header Accept-Encoding "";
proxy_set_header CF-Connecting-IP "";
proxy_ssl_verify off;
proxy_ssl_server_name on;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
What I want to do is.
If URL is
https://example.com/search/test/1/8/0
then reverse proxy to search.example.com
else reverse proxy all other requests to box1.example.com
my current configuration gives 404 not found errors for search queries.
How can I fix it?

How to proxy a re-written url in Nginx?

I have the following config:
js_include /etc/nginx/scripts/encode_request.js;
js_set $encoded_request re_encode_url;
log_format logEncoded $encoded_request;
server {
listen 443 ssl;
listen [::]:443;
server_name myfirst-domain.com;
ssl on;
ssl_certificate /etc/ssl/certs/cert.cer;
ssl_certificate_key /etc/ssl/private/cert.key;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
if ($request_uri ~ ^/lool/https%3A/alf.mydomain.com/(.*)$){
access_log /var/log/nginx/access.log logEncoded; #Output the encoded url to the logs. (For debugging purposes)
rewrite ^/lool/https%3A/alf.mydomain.com/(.*)$ $encoded_request;
}
proxy_pass https://localhost:9980;
}
}
The purpose of which is to filter a URL request that that contains a decoded URL that's required by the backend service. The problem is whilst the request URL has been successfully encoded, it is not being proxied to the backend service and instead I get the original decoded URL which in turn causes an error, though I do get the correctly encoded URL output in the access.log.
Not by far an NGINX or web server saavy person so I'd appreciate some pointers as to what I'm doing wrong / missing.
Another thing that might be of note is that the request upgrades to websocket communication between the client and the sever and I am proxying that.
I'm using NGINX 1.13.6 on Debian Jessie.
I solved the issue using nginScript in the end.
I tossed the conditional and just did everything in nginScript, so the virtual host file (or server block) is simplified thus:
server {
listen 443 ssl;
listen [::]:443;
server_name myfirst-domain.com;
ssl on;
ssl_certificate /path/to/ssl/certificate;
ssl_certificate_key /path/to/ssl/certificate/key;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
#Optional
access_log /var/log/nginx/ll_access.log;
error_log /var/log/nginx/ll_error.log;
proxy_pass https://127.0.0.1:9980$encoded_request;
}
}

How to set the real ip in a request going from nginx to a backend server

I have my backend servers fronted with nginx. When a user sends a request to my backend, it hits the NginX and then it is routed to the backend server. There, I publish some stats and one of them is the client IP. In my setup, its the Nginx IP which gets published as the client IP. Is there a way and a config to set the real IP of the client?
Following is my config.
server {
listen 8280;
server_name my.server.com;
location / {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_read_timeout 5m;
proxy_send_timeout 5m;
proxy_pass http://myserver_http/;
}
access_log /mnt/var/log/nginx/myserver/access.log;
error_log /mnt/var/log/nginx/myserver/error.log;
}
in order to forward the real client IP use inside your location block:
proxy_set_header X-Real-IP $remote_addr;

proxy_pass does not work properly

I need to resolve some Cross Domain Policy issues for our team's project setup (Converse.js,
XMPP, BOSH, ...) by setting up a nginx reverse proxy configuration.
I want to archieve exactly these bindings:
nginx to local gunicorn HTTP server
http://my.nginx.server.com/ should proxy http://localhost:8000/
nginx to remote HTTP-server for BOSH
http://my.nginx.server.com/http-bind should proxy http://some.very.remote.server:5280/http-bind
Currently, only the first binding works. The second one doesn't. nginx delivers every request to the local gunicorn HTTP server and not to the remote server.
This is my nginx.conf:
...
server {
listen 80;
server_name localhost;
# Reverse proxy for remote HTTP server
location ~ ^/http-bind/ {
proxy_pass http://some.very.remote.server:5280;
}
# Reverse proxy for local gunicorn HTTP server
location / {
proxy_pass http://localhost:8000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect http://$server_name http://$server_name:8000;
}
...
}
I have found this working configuration:
location /http-bind {
proxy_pass http://sapbot.mo.sap.corp:5280/http-bind;
proxy_set_header Host $host;
proxy_buffering off;
tcp_nodelay on;
}
location / {
proxy_pass http://localhost:8000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect http://$server_name http://$server_name:8000;
}

Resources